Re: Default ssh protocol in -STABLE [was: HEADS UP: FreeBSD-STABLE now has OpenSSH 3.4p1]

From: D J Hawkey Jr (hawkeyd@visi.com)
Date: 07/05/02

• Next message: Kim Okasawa: "Re: Any security issues with root's cron job?"
• Previous message: Kevin Oberman: "Re: Default ssh protocol in -STABLE [was: HEADS UP: FreeBSD-STABLE now has OpenSSH 3.4p1]"
• Maybe in reply to: Dag-Erling Smorgrav: "Re: Default ssh protocol in -STABLE [was: HEADS UP: FreeBSD-STABLE now has OpenSSH 3.4p1]"
• Next in thread: Aragon Gouveia: "Re: Default ssh protocol in -STABLE [was: HEADS UP: FreeBSD-STABLE now has OpenSSH 3.4p1]"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Fri, 5 Jul 2002 14:30:17 -0500 (CDT)
From: hawkeyd@visi.com (D J Hawkey Jr)
To: des@ofug.org, freebsd-security@freebsd.org

In article <xzphejepfd7.fsf_-__flood.ping.uio.no@ns.sol.net>,
        des@ofug.org writes:
> [moving from -stable to -security, bcc: to -stable and security-team]
>
> Mike Tancsa <mike@sentex.net> writes:
>> As a lot has changed with OpenSSH in FreeBSD, perhaps now is a good
>> time to make the 2,1 the default instead ?
>
> I'd like that. I think the only reason for the old default was not to
> surprise users who had the ssh1 RSA host key in their known_hosts but
> not the ssh2 DSA host key.
>
> What do people think about this? Keep 2,1 or revert to 1,2?

The former. And note it in UPDATING.

FWIW, I've been setting machines I'm responsible for to 2 only
for some time now.

> DES

Dave

-- 
Windows: "Where do you want to go today?"
Linux: "Where do you want to go tomorrow?"
FreeBSD: "Are you guys coming, or what?"
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

---

• Next message: Kim Okasawa: "Re: Any security issues with root's cron job?"
• Previous message: Kevin Oberman: "Re: Default ssh protocol in -STABLE [was: HEADS UP: FreeBSD-STABLE now has OpenSSH 3.4p1]"
• Maybe in reply to: Dag-Erling Smorgrav: "Re: Default ssh protocol in -STABLE [was: HEADS UP: FreeBSD-STABLE now has OpenSSH 3.4p1]"
• Next in thread: Aragon Gouveia: "Re: Default ssh protocol in -STABLE [was: HEADS UP: FreeBSD-STABLE now has OpenSSH 3.4p1]"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Default ssh protocol in -STABLE [was: HEADS UP: FreeBSD-STABLE now has OpenSSH 3.4p1] ... >>> As a lot has changed with OpenSSH in FreeBSD, ... >> not the ssh2 DSA host key. ... The default in OpenSSH source is Protocol 2,1. ... doesn't want to talk v2 the client won't be able to use it and will work ... (FreeBSD-Security) Re: Default ssh protocol in -STABLE [was: HEADS UP: FreeBSD-STABLE now has OpenSSH 3.4p1] ... >>As a lot has changed with OpenSSH in FreeBSD, ... > not the ssh2 DSA host key. ... I only have to support 100 clients. ... (FreeBSD-Security) Re: Default ssh protocol in -STABLE [was: HEADS UP: FreeBSD-STABLE ... > Hash: SHA1 ... >>> As a lot has changed with OpenSSH in FreeBSD, ... >> not the ssh2 DSA host key. ... FreeBSD: "Are you guys coming, ... (FreeBSD-Security) Re: Default ssh protocol in -STABLE [was: HEADS UP: FreeBSD-STABLE now has OpenSSH 3.4p1] ... > As a lot has changed with OpenSSH in FreeBSD, ... not the ssh2 DSA host key. ... with "unsubscribe freebsd-security" in the body of the message ... (FreeBSD-Security) Re: Default ssh protocol in -STABLE [was: HEADS UP: FreeBSD-STABLE now has OpenSSH 3.4p1] ... >> As a lot has changed with OpenSSH in FreeBSD, ... > not the ssh2 DSA host key. ... (Let's keep the astonishment to a minimum. ... Energy Sciences Network ... (FreeBSD-Security)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > FreeBSD-Security  > 2002-07